Conversation
| @@ -0,0 +1,12 @@ | |||
| apikey dropbox = Ada46abfdcaAAAAAAA--3c0c3965368a6b10f7640dbda46abfd23a4d1c245ea1 | |||
There was a problem hiding this comment.
[Secret] Dropbox Key token detected in code
Rule ID: APPSEC_SECRET_264
Description
The Dropbox Key Token is an Access Token for making API calls to access or manage files.Exposure allows an attacker to gain unauthorized access to the linked account, potentially leading to file theft, modification, or deletion of sensitive documents.
| @@ -0,0 +1,12 @@ | |||
| apikey dropbox = Ada46abfdcaAAAAAAA--3c0c3965368a6b10f7640dbda46abfd23a4d1c245ea1 | |||
|
|
|||
| text: figd_bD5AlaMmufIHBKTRDZQAiOZme_vCLrrtsvBNlBkz | |||
There was a problem hiding this comment.
[Secret] Figma Personal Access Token detected in code
Rule ID: APPSEC_SECRET_265
Description
The Figma Personal Access Token grants programmatic access to a user's account and design projects.Exposure allows an attacker to view, edit, or delete confidential design files and assets, causing disruption and intellectual property theft.
|
|
||
| text: figd_bD5AlaMmufIHBKTRDZQAiOZme_vCLrrtsvBNlBkz | ||
|
|
||
| {"x-functions-key": "KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw=="} |
There was a problem hiding this comment.
[Secret] Azure Functions App Key Header detected in code
Rule ID: APPSEC_SECRET_266
Description
The Azure Functions App Key (Header) secures access to a specific Function endpoint when passed via the HTTP Authorization Header.Exposure allows unauthorized requests to be processed, leading to misuse of the function's logic, unauthorized access to linked data or resources, and potential escalation of privileges.
|
|
||
| {"x-functions-key": "KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw=="} | ||
|
|
||
| https://company.azurewebsites.net/api/function?code=KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw== |
There was a problem hiding this comment.
[Secret] Azure Functions App Key Query Parameter detected in code
Rule ID: APPSEC_SECRET_267
Description
The Azure Functions App Key (Query Parameter) secures access to a specific Function endpoint when passed in the request URL.Exposure allows unauthorized requests to be processed, carrying the highest risk of accidental logging (browser history, server logs) leading to misuse of the function's logic and data access.
|
|
||
| JENKINS_URL=http://localhost:8080/ | ||
| JENKINS_USER=prod_admin | ||
| JENKINS_TOKEN=118c8ee3a5d6df59dc31b19c8e85878a26 |
There was a problem hiding this comment.
[Secret] Jenkins API Token detected in code
Rule ID: APPSEC_SECRET_268
Description
The Jenkins API Token is generated for programmatic API access to the CI/CD controller.An exposed token can be exploited to achieve Remote Code Execution (RCE) on the controller, extract encrypted secrets, or trigger unauthorized build and deployment processes.
No description provided.